After reading these papers on Post-Compromise Security:
Post-compromise security secures future messages if the key for present messages is compromised. It repairs itself by using key update process. Key update process derives new key for future messages by using assymetric key exchange like DHE and chain of key derivation function.
If your present key is compromised by external sources, anytime when next DHE will happen, it will derive new key from that point. So the compromised key cannot be used to decrypt future messages. Whereas in key derivation chain, if it outputs separate key for each message, compromising one key will not compromise future keys but with a condition that the key that goes into the chain as input shouldn't be compromised because it acts as seed.
Based on how frequently DHE happens during the session, the attacker can compromise only subset of messages. But as DHE can itself be compromised by MITM, it only works in a condition if the attacker is passively listening the communication and relies on external sources to compromise keys.
Signal protocol does that by exchanging new key using DHE with every incoming message and derives new key for each message from symmetric ratchet.
